The present invention generally relates to secure network communications and, more particularly, to a solution for providing a secure, mobile tunnel for connecting local area networks.
A primary feature of modern network communications is its organization in layers. In general, a “lower” layer may be regarded as being closer to the “physical layer” of electrical signals and cabling, and a “higher” layer as being closer to the “payload,” the information content such as e-mail or a file transfer. Each layer may use a protocol. Lower layer protocols define how bits (ones and zeros) are structured to form packets. A packet has a header record that may contain identification, routing, and some data about its payload; located after the header is the information payload being transported. When encryption is used to protect a payload from unauthorized disclosure or modification, the payload may contain any information object, including a whole packet that is being transported from one secure network to another secure network through an intervening unsecured network, without risk of data loss, corruption, or access during transport. This technique of using one packet to transport another packet is called “tunneling,” because the two networks at either end of the communications link appear to be the same network, seamlessly linked through a tunnel, the tunnel being a route of safe passage through one or more connecting networks. A service which encrypts packets to be sent and decrypts packets received, and which encapsulates packets to be sent and discards the wrapper, or transport packet, of packets received at the point of connection between the secure and unsecured parts of their journey, may be referred to as a tunneling protocol. A tunneling protocol is sometimes referred to as an “encapsulation protocol,” which may be confusing because, in general, all protocols encapsulate. Typically, in network communications, a lower layer protocol encapsulates a higher layer protocol. For example, the network layer protocol (layer 3) usually encapsulates the transport layer packet (layer 4).
In contrast, a tunneling protocol encapsulates a packet of the same or a lower layer. For example, a tunneling protocol might encapsulate a layer 3 IPX (Internetwork Packet Exchange) packet within a layer 3 IP (Internet Protocol) packet; or a LAN-to-LAN (Local Area Network) tunnel might encapsulate a media access control (layer 2) Ethernet frame or a layer 3 IP packet within an encrypted layer 3 IP packet.
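The following is an added illustration, not part of the patent text, of the distinction drawn in the two preceding paragraphs: a layer 3 IPv4 packet carried as the payload of another layer 3 IPv4 packet, with the receiving tunnel endpoint verifying and discarding the wrapper before handing the inner packet on. It uses only the Python standard library. The addresses, the shared key and the payload are constructed for the demonstration; the appended HMAC-SHA256 trailer is this example's own framing, standing in for the integrity protection that a real LAN-to-LAN tunnel would get from an authenticated encryption layer such as IPsec ESP (confidentiality is not shown, since the standard library offers no authenticated cipher).

```python
# Added example: layer-3-in-layer-3 tunnel framing, standard library only.
# Addresses, key and payload below are constructed for illustration; the
# HMAC trailer is this example's own convention, not RFC 2003 or IPsec.
import hashlib
import hmac
import socket
import struct

IPPROTO_IPIP = 4            # IANA protocol number for IP-in-IP (RFC 2003)
IPPROTO_TCP = 6
IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options
TAG_LEN = 32                # HMAC-SHA256 trailer this example appends


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); 0 for a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Ordinary lower-layer encapsulation: an IPv4 header in front of a payload."""
    hdr = struct.pack(IPV4_FMT, 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse_ipv4(pkt: bytes) -> dict:
    """Validate the header and split a packet into its fields and payload."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _id, _ff, ttl, proto, _csum, src, dst = struct.unpack(IPV4_FMT, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or total_len > len(pkt):
        raise ValueError("malformed IPv4 header")
    if ipv4_checksum(pkt[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto, "ttl": ttl, "payload": pkt[ihl:total_len]}


def encapsulate(inner_pkt: bytes, outer_src: str, outer_dst: str, key: bytes) -> bytes:
    """Sending tunnel endpoint: authenticate the whole inner packet, then make it
    the payload of an outer layer 3 packet addressed to the peer endpoint."""
    tag = hmac.new(key, inner_pkt, hashlib.sha256).digest()
    return build_ipv4(outer_src, outer_dst, IPPROTO_IPIP, inner_pkt + tag)


def decapsulate(outer_pkt: bytes, key: bytes) -> bytes:
    """Receiving tunnel endpoint: check the wrapper, verify the tag, discard the
    wrapper and return the inner packet exactly as the sender built it."""
    outer = parse_ipv4(outer_pkt)
    if outer["proto"] != IPPROTO_IPIP:
        raise ValueError("not a tunnel packet")
    body = outer["payload"]
    if len(body) < 20 + TAG_LEN:
        raise ValueError("tunnel payload too short")
    inner, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, inner, hashlib.sha256).digest()):
        raise ValueError("tunnel integrity check failed")
    return inner


def run_tunnel_demo() -> dict:
    """Carry a packet between two private LANs across a constructed public path."""
    key = b"constructed-shared-key-for-demo-only"
    inner = build_ipv4("10.0.1.25", "10.0.2.40", IPPROTO_TCP, b"part-number lookup")
    outer = encapsulate(inner, "198.51.100.1", "203.0.113.9", key)  # RFC 5737 documentation addresses
    received = decapsulate(outer, key)
    # A one-byte change to the inner packet in transit must be rejected, not delivered.
    flipped = bytearray(outer)
    flipped[20 + 16] ^= 0x01  # first byte of the inner destination address
    try:
        decapsulate(bytes(flipped), key)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"outer": parse_ipv4(outer), "inner": parse_ipv4(received),
            "unchanged": received == inner, "tamper_detected": tamper_detected}
```

The outer header carries only the two tunnel endpoints and protocol number 4, so an observer on the intervening network sees a single flow between the routers rather than the private addresses of the hosts on either LAN; the private header survives the trip unchanged inside the payload, which is the sense in which the two LANs behave as one network.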
A typical application for a LAN-to-LAN tunnel would be to connect two buildings via a link that must pass through an untrusted physical space, such as a wire running under a public street, or through the air between two wireless devices on the roofs of the buildings. Sound security disciplines as applied to LAN-to-LAN tunnels typically require constant monitoring of the network communication devices, usually routers, at the terminal ends of the tunnel to ensure their integrity. A LAN-to-LAN tunnel invariably involves providing an encrypted data path between two trusted network devices, e.g., routers, one at each terminal end of the tunnel. The two trusted network devices typically hold the encryption keys necessary both to encrypt data streams sent to each other and to decrypt streams received from each other. This makes possession or reliable control of both terminal ends of the tunnel a critical element of a LAN-to-LAN tunnel. The two trusted network devices at the ends of the tunnel, e.g., routers, are therefore, as a rule, “always” placed in locked data closets for security reasons.
Because of the stringent physical security requirements for the terminal ends of LAN-to-LAN tunnels, such tunnels are considered impractical or undesirable in many situations, and a number of other approaches to providing computer communications have been used in those situations. For example, on large factory floors with moving assembly lines—such as those encountered in the aircraft manufacturing industry—computer workstations are widely used to provide support, such as part number lookup, for fabricators working on the aircraft. Network connections for such workstations may be provided by running wire or fiber optic cables across the floor. While satisfactory for smaller floors, such cables become more prone to various types of accidents and damage as the size of the factory floor increases.
Another approach has been to use wireless gear with various kinds of security measures imposed. Conventional systems commonly rely on software data port blocking and password authentication, for example, rather than on a hardware solution for security. Some portable wireless routers exist, but security measures must still be provided for them; media access control (MAC) address filtering can be used, for example, but it is a very labor-intensive method if the computing devices being linked change frequently. One wireless approach used on a factory floor has been to provide users with an electronic password system that supplies each user a random, periodically changing password, which the user must type into the system before it expires in order to log on. While effective, such approaches have been found inconvenient from the user's point of view. Approaches that require user intervention, such as entering a password, are also impractical for computing devices without a traditional user interface, for example, printers.
As can be seen, there is a need to provide secure wireless links for a number of diverse situations, including large factory floors, assembly lines, automatic test equipment carts, ship-side data terminals, and large automated manufacturing machinery. There is also a need for secure wireless links that do not burden the user with excessive security overhead.